Solaris 10 (sparc) : 118562-14

SunOS 5.10: Solaris Data Encryption Kit Pa. Date this patch was last updated by Sun : Apr/24/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

To shadowless go without a trace anonymous breakthrough network limit-vulnerability warning-the black bar safety net

Network management as the name suggests, is every pipe of the network, and tried various means to restrict our Internet access people. In the network established all sorts of rules, don't download, don't use IM, not allowed to access the restricted site, etc., so we can't enjoy the Internet bring...

CVE-2006-1538

The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores the key in cleartext, which allows local users with physical access to obtain the key by reading and duplicating an EEPROM that is located on a hardware token, or by sniffing the Microwire bus...

gnupg security update

CentOS Errata and Security Advisory CESA-2006:0266 An updated GnuPG package that fixes signature verification flaws as well as minor bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data...

Oracle Transparent Data Encryption master encryption key stored as plaintext

Overview Oracle Transparent Data Encryption master encryption key is stored as plaintext, which could allow an attacker to decrypt and read sensitive information within the database. Description Transparent Data Encryption TDE According to Oracle, Transparent Data Encryption "allows customers to...

CVE-2006-0270

Unspecified vulnerability in the Transparent Data Encryption TDE Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without...

Design/Logic Flaw

Unspecified vulnerability in the Transparent Data Encryption TDE Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without...

[Full-disclosure] Oracle Database 10g Rel. 2- Transparent Data Encryption plaintext masterkey in SGA

Hello FD reader Oracle released the first critical patch update for 2006 with bugfixes for 82 vulnerabilities. http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html Additional information concerning the Oracle January 2006 CPU is available here...

WebEOC uses a global shared key

Overview WebEOC installations may use the a common secret key to encrypt data. If an attacker can retrieve this key from one site, they will be able to decipher all data encoded with the key across all WebEOC installations. Description WebEOC is a web-based crisis information management applicati...

RHEL 2.1 : gnupg (RHSA-2003:176)

Updated gnupg packages are now available which correct a bug in the GnuPG key validation functions. The GNU Privacy Guard GnuPG is a utility for encrypting data and creating digital signatures. When evaluating trust values for the UIDs assigned to a given key, GnuPG versions earlier than 1.2.2...

Multiple issues with Mac OS X AFP client

Multiple issues with Mac OS X AFP client Background The standard Apple Filing Protocol1 AFP does not use encryption to protect transfered data. Login credentials may be sent in cleartext or protected with one of several different hashed exchanges or Kerberos2. There does not appear to have been a...

Moderate: Red Hat Security Advisory: gnupg security update

Updated gnupg packages are now available which correct a bug in the GnuPG key validation functions. The GNU Privacy Guard GnuPG is a utility for encrypting data and creating digital signatures. When evaluating trust values for the UIDs assigned to a given key, GnuPG versions earlier than 1.2.2...

Cisco Security Advisory: Cisco VPN 3000 Concentrator Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 3000 Concentrator Multiple Vulnerabilities Revision 1.0 For Public Release 2002 September 03 at 1500 UTC ---------------------------------------------------------------------- Contents Summary Affected Products Detai...

Kerberos Telnet protocol does not adequately protect authentication and encryption options

Overview A vulnerability exists in the Telnet Authentication Option and Telnet Data Encryption Option specifications. An ordered list of authentication and encryption options sent from the server to client during negotiation is not cryptographically protected. As a result, an attacker may be able...

shockwave.7.txt

Date: Thu, 11 Mar 1999 13:53:41 -0400 From: Sean Coates To: [email protected] Subject: Fwd: Shockwave 7 Security Hole I just got this off a Lingo programming list Macromedia Director 7 scripting. Thought the Bugtraq community might appreciate it. -Sean Coates [email protected] Date: Thu, 11...